//package com.qcq.wecheck.auth;
//
//import com.alibaba.fastjson.JSON;
//import com.alibaba.fastjson.JSONObject;
//import com.qcq.wecheck.entity.Auth;
//import com.qcq.wecheck.result.CommonResult;
//import com.qcq.wecheck.service.AuthService;
//import com.qcq.wecheck.util.AesUtils;
//import lombok.extern.slf4j.Slf4j;
//import org.springframework.stereotype.Component;
//
//import javax.annotation.Resource;
//import javax.servlet.*;
//import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
//import java.io.IOException;
//import java.io.Writer;
//import java.util.HashMap;
//import java.util.Map;
//
//
///**
// * <p>
// * 共有api鉴权过滤器, 根据ak/sk机制, 过滤非法请求
// * 值得注意的一点: 在创建拦截器的时候, 无法为request添加参数, 导致controller无法获取参数
// * 因此, 采用过滤器, 过滤器可以向request添加参数
// * </p>
// *
// * @author O
// * @version 1.0
// * @since 2018/9/15
// */
//@Component
//@WebFilter(urlPatterns = "/*", filterName = "authFilter")
//@Slf4j
//public class AuthFilter implements Filter {
//	private static final String ACCESS_KEY = "accessKey";
//	private static final String PACKAGE = "content";
//	@Resource
//	private AuthService authService;
//
//	@Override
//	public void init(FilterConfig filterConfig) {
//	}
//
//	@Override
//	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//		boolean canPass = false;
//		String accessKey = request.getParameter(ACCESS_KEY);
//
//		Auth auth = authService.selectById(accessKey);
//		if (auth != null) {
//			String content = request.getParameter(PACKAGE);
//			try {
//				content = AesUtils.aesDecrypt(content, auth.getSecretKey());
//				if (content != null) {
//					JSONObject jsonObject = JSON.parseObject(content);
//					Map<String, String[]> map = new HashMap<>(request.getParameterMap());
//
//					//将参数放入controller方法参数直接匹配的地方
//					HttpServletRequest req = (HttpServletRequest) request;
//					for (String key : jsonObject.keySet()) {
//						map.put(key, new String[]{jsonObject.get(key).toString()});
//					}
//					request = new ParameterRequestWrapper(req, map);
//				}
//				canPass = true;
//			} catch (Exception e) {
//				log.error("an exception was caught when decoding package . message may be hacked !");
//				writeFailureResult(response, "消息解析出错, 密钥可能被盗用");
//				e.printStackTrace();
//				throw new ServletException();
//			}
//		}
//		if (canPass) {
//			chain.doFilter(request, response);
//		} else {
//			writeFailureResult(response, "您没有访问权限");
//		}
//	}
//
//	@Override
//	public void destroy() {
//	}
//
//	private static void writeFailureResult(ServletResponse response, String msg) {
//		try {
//			response.setContentType("application/json;charset=utf-8");
//			Writer writer = response.getWriter();
//			String result = JSONObject.toJSONString(CommonResult.failure(msg));
//			writer.write(result);
//			writer.close();
//		} catch (Exception e) {
//			log.error("an error occurred when send servlet response ...");
//			e.printStackTrace();
//		}
//	}
//
//}
